Patent application number | Description | Published |
20090044276 | METHOD AND APPARATUS FOR DETECTING MALWARE - A method of detecting malware may include: a) examining header data in each PDU transferred by a port of an access switch to identify PDUs transferred from a local network device, b) extracting a far-end device address for PDUs based at least in part on examination of an address portion of the corresponding header data, c) maintaining fan-out information indicative of a quantity of unique far-end device addresses extracted from the PDUs during consecutive time windows, d) determining a current trend based on the fan-out information for a current time window, e) comparing the current trend to an expected trend, and f) identifying a suspected malware infection in the local network device when the current trend exceeds the expected trend by a trend threshold. A network element that may implement the method may include a header data processing unit, data storage logic, data processing logic, and malware identification logic. | 02-12-2009 |
20090293122 | METHOD AND SYSTEM FOR IDENTIFYING ENTERPRISE NETWORK HOSTS INFECTED WITH SLOW AND/OR DISTRIBUTED SCANNING MALWARE - Malware detection systems are presented in which a list is constructed of enterprise hosts to or from which each given enterprise network host sends or receives packets within a current measurement period and statistics are accumulated based on two or more measurement period lists, with a count value being derived from the statistics to indicate the number of other hosts to or from which each monitored host sent or received packets, and one or more monitored hosts may be identified as suspected of being infected with slow and/or distributed scanning malware for which the count value exceeds a threshold value. | 11-26-2009 |
20090328220 | MALWARE DETECTION METHODS AND SYSTEMS FOR MULTIPLE USERS SHARING COMMON ACCESS SWITCH - Malware detection systems and methods are presented in which header data of protocol data units (PDUs) are examined at a wireless access switch shared by multiple clients, and the PDU type and client are used to establish counters, with the count values being analyzed to identify clients suspected of being infected with malware. | 12-31-2009 |
20100054433 | Verifying authenticity of voice mail participants in telephony networks - A method includes receiving an authentication certificate of a voice mail account holder and/or an authentication certificate of a caller wanting to leave a voice mail message the holders' voice mail account. A voice mail apparatus that provides voice mail service for the voice mail account holder performs such receiving. The account holder and/or the caller are authenticated after receiving the authentication certificate of the party being authenticated. Authenticating the account holder and/or the caller is performed using authentication information contained within the respective certificate. After such authentication is successfully performed, a voice mail message record can be created in the account of the account holder. Such creating includes allowing the caller to store the message in the account of the account holder in addition to associating authenticated identification information of the caller with the message and/or providing authenticated identification of the account holder to the caller. | 03-04-2010 |
20100058479 | Method and system for combating malware with keystroke logging functionality - A method is carried out by a computer system for combating malicious keystroke-logging activities thereon. An operation is performed for generating a plurality of fake keystroke datasets that are each configured to resemble a keystroke dataset generated by keystrokes made on an input device of the computer system while entering sensitive information of a prescribed configuration. An operation is performed for receiving an instance of the sensitive information instance of the prescribed configuration concurrently with generating the fake keystroke datasets. Receiving the sensitive information instance includes a user of the computer system entering the sensitive information instance by performing keystrokes on the input device of the computer system such that a real keystroke dataset corresponding to the sensitive information instance is generated. An operation is performed for embedding the real keystroke dataset within at least a portion of the fake keystroke datasets after receiving the sensitive information instance. | 03-04-2010 |
20100067504 | System and method for exposing malicious clients in wireless access networks - Malicious clients within a wireless access network are identified using bait traffic transmitted between a collaborating wireless access point and a collaborating client. The bait traffic entices a malicious client to transmit malicious traffic towards the collaborating wireless access point. Upon receiving the malicious traffic, the collaborating wireless access point is able to identify the malicious client and report the presence of the malicious client within the wireless access network. | 03-18-2010 |
20100070761 | RELIABLE AUTHENTICATION OF MESSAGE SENDER'S IDENTITY - A method is provided in a telecommunications network for authenticating a sender ( | 03-18-2010 |
20100070771 | AUTHENTICATION OF ACCESS POINTS IN WIRELESS LOCAL AREA NETWORKS - A method is provided for authenticating an identity of an operator ( | 03-18-2010 |